/**
* Stop all forwards giving the resource ID of the <i>SSL-Tunnel</i> that started them.
*
* @param launchSession launch session
* @throws NoPermissionException if not allowed
* @throws CoreException on any other error
*/
public void stopTunnels(LaunchSession launchSession) throws NoPermissionException, CoreException {
if (!DefaultAgentManager.getInstance().hasActiveAgent(launchSession.getSession())) {
throw new TunnelException(TunnelException.INTERNAL_ERROR, (Throwable) null, "No agent.");
}
Tunnel tunnel = (Tunnel) launchSession.getResource();
launchSession.checkAccessRights(null, agent.getSession());
MultiplexedConnection agent =
DefaultAgentManager.getInstance().getAgentBySession(launchSession.getSession());
try {
if (tunnel.getType() == TransportType.LOCAL_TUNNEL_ID) {
Collection<Tunnel> l = new ArrayList<Tunnel>();
l.add(tunnel);
stopLocalTunnels(agent, l);
} else if (tunnel.getType() == TransportType.REMOTE_TUNNEL_ID) {
Collection<Tunnel> l = new ArrayList<Tunnel>();
l.add(tunnel);
stopRemoteTunnels(agent, l);
} else {
throw new TunnelException(
TunnelException.INTERNAL_ERROR,
(Throwable) null,
"Unknown tunnel type " + tunnel.getType());
}
CoreServlet.getServlet()
.fireCoreEvent(
new ResourceAccessEvent(
this,
TunnelsEventConstants.TUNNEL_CLOSED,
launchSession.getResource(),
launchSession.getPolicy(),
launchSession.getSession(),
CoreEvent.STATE_SUCCESSFUL));
} catch (TunnelException te) {
CoreServlet.getServlet()
.fireCoreEvent(
new ResourceAccessEvent(
this,
TunnelsEventConstants.TUNNEL_CLOSED,
launchSession.getResource(),
launchSession.getPolicy(),
launchSession.getSession(),
te));
throw te;
} finally {
LaunchSessionFactory.getInstance().removeLaunchSession(launchSession);
}
}
/**
* Start port forwards for the <i>SSL Tunnel</i> specified by the provided resource ID.
*
* @param launchSession launch session
* @throws NoPermissionException if not allowed
* @throws TunnelException on any other other
* @throws PolicyException on any other determininig policy
*/
public void startTunnel(LaunchSession launchSession)
throws NoPermissionException, TunnelException, PolicyException {
if (!DefaultAgentManager.getInstance().hasActiveAgent(launchSession.getSession())) {
throw new TunnelException(TunnelException.INTERNAL_ERROR, (Throwable) null, "No agent.");
} else {
Tunnel tunnel = (Tunnel) launchSession.getResource();
launchSession.checkAccessRights(null, agent.getSession());
AgentTunnel agent =
DefaultAgentManager.getInstance().getAgentBySession(launchSession.getSession());
try {
if (tunnel.getType() == TransportType.LOCAL_TUNNEL_ID) {
startLocalTunnel(agent, tunnel, launchSession);
} else if (tunnel.getType() == TransportType.REMOTE_TUNNEL_ID) {
startRemoteTunnel(agent, tunnel, launchSession);
} else {
throw new TunnelException(
TunnelException.INTERNAL_ERROR,
(Throwable) null,
"Unknown tunnel type " + tunnel.getType());
}
// Fire event
CoreServlet.getServlet()
.fireCoreEvent(
new ResourceAccessEvent(
this,
TunnelsEventConstants.TUNNEL_OPENED,
launchSession.getResource(),
launchSession.getPolicy(),
launchSession.getSession(),
CoreEvent.STATE_SUCCESSFUL));
} catch (TunnelException te) {
// Fire event
CoreServlet.getServlet()
.fireCoreEvent(
new ResourceAccessEvent(
this,
TunnelsEventConstants.TUNNEL_OPENED,
launchSession.getResource(),
launchSession.getPolicy(),
launchSession.getSession(),
te));
throw te;
}
}
}
private void fireCoreEvent(
HttpServletRequest request, int eventID, String ipAddress, String ipPermission, int state) {
CoreEvent coreEvent = new CoreEvent(this, eventID, null, getSessionInfo(request), state);
coreEvent.addAttribute(CoreAttributeConstants.EVENT_ATTR_IP_RESTRICTION_ADDRESS, ipAddress);
coreEvent.addAttribute(
CoreAttributeConstants.EVENT_ATTR_IP_RESTRICTION_IS_AUTHORIZED, ipPermission);
CoreServlet.getServlet().fireCoreEvent(coreEvent);
}
private void fireSuccessfulEvent(
SessionInfo sessionInfo, int eventId, Role role, List<String> selectedUsers) {
CoreEvent coreEvent = new CoreEvent(this, eventId, role, sessionInfo);
coreEvent.addAttribute(CoreAttributeConstants.EVENT_ATTR_PRINCIPAL_ID, role.getPrincipalName());
if (!selectedUsers.isEmpty()) {
for (int index = 0; index < selectedUsers.size(); index++) {
String username = selectedUsers.get(index);
coreEvent.addAttribute(
CoreAttributeConstants.EVENT_ATTR_ACCOUNT + Integer.valueOf(index), username);
}
}
CoreServlet.getServlet().fireCoreEvent(coreEvent);
}
private void fireUnsuccessfulEvent(
RoleForm roleForm, SessionInfo sessionInfo, int eventId, Exception ex) {
CoreEvent coreEvent = new CoreEvent(this, eventId, null, sessionInfo, ex);
coreEvent.addAttribute(CoreAttributeConstants.EVENT_ATTR_PRINCIPAL_ID, roleForm.getRolename());
CoreServlet.getServlet().fireCoreEvent(coreEvent);
}
/*
* (non-Javadoc)
*
* @see org.apache.struts.actions.DispatchAction#unspecified(org.apache.struts.action.ActionMapping,
* org.apache.struts.action.ActionForm,
* javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse)
*/
public ActionForward unspecified(
ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
List<WizardActionStatus> actionStatus = new ArrayList<WizardActionStatus>();
AbstractWizardSequence seq = getWizardSequence(request);
String name = (String) seq.getAttribute(WebForwardResourceDetailsForm.ATTR_RESOURCE_NAME, null);
String description =
(String) seq.getAttribute(WebForwardResourceDetailsForm.ATTR_RESOURCE_DESCRIPTION, null);
boolean favorite =
((Boolean) seq.getAttribute(WebForwardResourceDetailsForm.ATTR_FAVORITE, Boolean.FALSE))
.booleanValue();
int type =
((Integer) seq.getAttribute(WebForwardTypeSelectionForm.ATTR_TYPE, new Integer(0)))
.intValue();
String category = (String) seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_CATEGORY, null);
String destinationURL =
(String) seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_DESTINATION_URL, null);
PropertyList restrictToHosts =
((PropertyList)
seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_RESTRICT_TO_HOSTS, null));
String encodeing = (String) seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_ENCODEING, "");
String authenticationUsername =
(String)
seq.getAttribute(
WebForwardAuthenticationDetailsForm.ATTR_AUTHENTICATION_USERNAME, null);
String authenticationPassword =
(String)
seq.getAttribute(
WebForwardAuthenticationDetailsForm.ATTR_AUTHENTICATION_PASSWORD, null);
String preferredAuthenticationScheme =
(String)
seq.getAttribute(
WebForwardAuthenticationDetailsForm.ATTR_PREFERRED_AUTHENTICATION_SCHEME, null);
String paths = (String) seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_PATHS, "");
String hostHeader =
(String) seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_HOST_HEADER, "");
boolean activeDNS =
((Boolean) seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_ACTIVE_DNS, Boolean.FALSE))
.booleanValue();
String formParameters =
(String) seq.getAttribute(WebForwardAuthenticationDetailsForm.ATTR_FORM_PARAMETERS, "");
String formType =
(String) seq.getAttribute(WebForwardAuthenticationDetailsForm.ATTR_FORM_TYPE, "");
boolean autoStart = false; // TODO this needs to be hooked in
User user = this.getSessionInfo(request).getUser();
WebForward webForward = null;
try {
try {
Calendar now = Calendar.getInstance();
if (type == WebForward.TYPE_TUNNELED_SITE) {
com.adito.webforwards.TunneledSiteWebForward sswf =
new com.adito.webforwards.TunneledSiteWebForward(
user.getRealm().getRealmID(),
-1,
destinationURL,
name,
description,
category,
autoStart,
now,
now);
webForward = WebForwardDatabaseFactory.getInstance().createWebForward(sswf);
CoreEvent evt =
new ResourceChangeEvent(
this,
WebForwardEventConstants.CREATE_WEB_FORWARD,
webForward,
this.getSessionInfo(request),
CoreEvent.STATE_SUCCESSFUL)
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_CATEGORY,
webForward.getCategory())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_TYPE,
((WebForwardTypeItem)
WebForwardTypes.WEB_FORWARD_TYPES.get(webForward.getType()))
.getName())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_URL,
webForward.getDestinationURL());
CoreServlet.getServlet().fireCoreEvent(evt);
} else if (type == WebForward.TYPE_REPLACEMENT_PROXY) {
com.adito.webforwards.ReplacementProxyWebForward spwf =
new com.adito.webforwards.ReplacementProxyWebForward(
user.getRealm().getRealmID(),
-1,
destinationURL,
name,
description,
category,
authenticationUsername,
authenticationPassword,
preferredAuthenticationScheme,
encodeing,
restrictToHosts,
formType,
formParameters,
autoStart,
now,
now);
AbstractAuthenticatingWebForward abstractAuthenticatingWebForward =
(AbstractAuthenticatingWebForward)
WebForwardDatabaseFactory.getInstance().createWebForward(spwf);
CoreEvent evt =
new ResourceChangeEvent(
this,
WebForwardEventConstants.CREATE_WEB_FORWARD,
abstractAuthenticatingWebForward,
this.getSessionInfo(request),
CoreEvent.STATE_SUCCESSFUL)
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_CATEGORY,
abstractAuthenticatingWebForward.getCategory())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_TYPE,
((WebForwardTypeItem)
WebForwardTypes.WEB_FORWARD_TYPES.get(
abstractAuthenticatingWebForward.getType()))
.getName())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_URL,
abstractAuthenticatingWebForward.getDestinationURL())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_PREFERED_AUTH_SCHEME,
abstractAuthenticatingWebForward.getPreferredAuthenticationScheme())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_AUTH_USERNAME,
abstractAuthenticatingWebForward.getAuthenticationUsername())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_AUTH_FORM_TYPE,
abstractAuthenticatingWebForward.getFormType())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_REPLACEMENT_WEB_FORWARD_ENCODEING,
spwf.getEncoding());
spwf.addFormParametersToEvent(
evt, WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_AUTH_FORM_PARAMETERS);
spwf.addRestrictToHostsToEvent(
evt, WebForwardEventConstants.EVENT_ATTR_REPLACEMENT_WEB_FORWARD_RESTRICT_TO_HOSTS);
CoreServlet.getServlet().fireCoreEvent(evt);
webForward = abstractAuthenticatingWebForward;
} else if (type == WebForward.TYPE_PATH_BASED_REVERSE_PROXY
|| type == WebForward.TYPE_HOST_BASED_REVERSE_PROXY) {
com.adito.webforwards.ReverseProxyWebForward rpwf =
new com.adito.webforwards.ReverseProxyWebForward(
user.getRealm().getRealmID(),
-1,
type,
destinationURL,
name,
description,
category,
authenticationUsername,
authenticationPassword,
preferredAuthenticationScheme,
formType,
formParameters,
paths,
hostHeader,
activeDNS,
autoStart,
now,
now,
encodeing);
AbstractAuthenticatingWebForward abstractAuthenticatingWebForward =
(AbstractAuthenticatingWebForward)
WebForwardDatabaseFactory.getInstance().createWebForward(rpwf);
CoreEvent evt =
new ResourceChangeEvent(
this,
WebForwardEventConstants.CREATE_WEB_FORWARD,
abstractAuthenticatingWebForward,
this.getSessionInfo(request),
CoreEvent.STATE_SUCCESSFUL)
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_CATEGORY,
abstractAuthenticatingWebForward.getCategory())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_TYPE,
((WebForwardTypeItem)
WebForwardTypes.WEB_FORWARD_TYPES.get(
abstractAuthenticatingWebForward.getType()))
.getName())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_URL,
abstractAuthenticatingWebForward.getDestinationURL())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_PREFERED_AUTH_SCHEME,
abstractAuthenticatingWebForward.getPreferredAuthenticationScheme())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_AUTH_USERNAME,
abstractAuthenticatingWebForward.getAuthenticationUsername())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_AUTH_FORM_TYPE,
abstractAuthenticatingWebForward.getFormType())
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_REVERSE_WEB_FORWARD_ACTIVE_DNS,
String.valueOf(rpwf.getActiveDNS()))
.addAttribute(
WebForwardEventConstants.EVENT_ATTR_REVERSE_WEB_FORWARD_HOST_HEADER,
rpwf.getHostHeader());
rpwf.addPathsToEvent(evt, WebForwardEventConstants.EVENT_ATTR_REVERSE_WEB_FORWARD_PATHS);
rpwf.addCustomHeadersToEvent(
evt, WebForwardEventConstants.EVENT_ATTR_REVERSE_WEB_FORWARD_CUSTOM_HEADERS);
rpwf.addFormParametersToEvent(
evt, WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_AUTH_FORM_PARAMETERS);
CoreServlet.getServlet().fireCoreEvent(evt);
webForward = abstractAuthenticatingWebForward;
}
} catch (Exception e) {
CoreServlet.getServlet()
.fireCoreEvent(
new ResourceChangeEvent(
this,
WebForwardEventConstants.CREATE_WEB_FORWARD,
this.getSessionInfo(request),
e));
throw e;
}
actionStatus.add(
new WizardActionStatus(
WizardActionStatus.COMPLETED_OK,
"webForwardWizard.webForwardFinish.status.profileCreated"));
} catch (Exception e) {
log.error("Failed to create profile.", e);
actionStatus.add(
new WizardActionStatus(
WizardActionStatus.COMPLETED_WITH_ERRORS,
"webForwardWizard.webForwardFinish.status.failedToCreateProfile",
e.getMessage()));
}
// TODO do the attaching.
if (webForward != null) {
actionStatus.add(
attachToPoliciesAndAddToFavorites(
"webForwardWizard.webForwardFinish", seq, webForward, favorite, request));
}
((AbstractWizardFinishForm) form).setActionStatus(actionStatus);
return super.unspecified(mapping, form, request, response);
}